Mailing List Archive

false positives with plugin 11009 (lotus_path_disclosure.nasl)
nessus 2.0.10a with original plugins

target:8080 running WWWOFFLE/2.8a (caching http proxy)

% nasl -t target lotus_path_disclosure.nasl
HTTP/1.1 503 WWWOFFLE Remote Host Error
Success

I'm not sure what the Domino server positive test result would look
like but my incompetent *guess* is that the egrep ...

if(egrep(pattern:"[A-Z]:.*com5\.pl", string:r, icase:TRUE))
security_warning(port);

should be (at least) icase:FALSE (?)
Or ... AND NOT egrep("http://.*com5\.pl",string:r_matched,...) ?

% curl -si http://target:8080/cgi-bin/com5.pl|egrep -i "[A-Z]:.*com5\.pl"
url = The URL that was asked for (='http://target:8080/cgi-bin/com5.pl').
<b><tt>http://target:8080/cgi-bin/com5.pl</tt></b>

--
Martin Maèok http://underground.cz/
martin.macok@underground.cz http://Xtrmntr.org/ORBman/